At Cisco Talos, we try to build detections for every threat we see to provide customers with a portfolio capable of identifying and stopping threats at various stages of an attack's lifecycle. Deploying the best suite of layered security tools is an integral part of protecting an organization. But we recognize that the difference between a successful cyber security program and an unsuccessful one depends on more than having the right security products. Successful programs are multi-disciplined, built on fundamentals, and risk-aware.
In our research and investigations, we often observe sophisticated attack techniques. But typically, even well-funded and highly targeted attacks rely on victims who aren't following some of the basics of security. Implementing best practices alone won't protect you against all adversaries. They will raise the bar for attackers by some amount, but with enough resources, attackers can find a way in. Following the basics allows you to develop more advanced techniques and approaches to stop more advanced adversaries.
We work with security executives across the industry and understand the many different challenges that they face. Some of the basics, like writing and enforcing policies, maintaining an available and effective operational security infrastructure, protecting company and customer data, or establishing effective relationships all require different strategies and resources. Security execs balance these responsibilities against not only external attackers, but also the needs of staff, other executives, and boards of directors. The challenges may be plentiful, but the right plan built on strong fundamentals will protect your organization from cyber attacks.
Based on our conversations with executives and research into the latest threats, Talos is rolling out a series of short, non-technical posts for the executive security community. We'll structure our conversation around the following pillars of information security that should resonate with executives:
- Governance and risk management
- Security architecture
- Asset & vulnerability management
- Endpoint protection
- User management
- Third parties & the supply chain
- Incident response
- Monitoring & audit
- Data protection & recovery
- Secure configuration
- Advanced threat hunting
We'll talk about the problems CISOs are facing today, what a CISO should know about these areas, and the proper ways to respond to those problems. We'll reference applicable Talos research as well as established standards and compliance controls. Whether you're a freshman security executive or a seasoned professional, we want to facilitate a conversation on topics that matter to you.
We'll update this blog post with the full catalog of topics as they're published. Released posts in this series so far include: